back to article ID profiles worth far more than credit card details to crooks

Identity profiles are worth far more on the digital underground than credit card details. Gunter Ollmann, a security researcher in the ISS security division of IBM, discovered that a list of 2,000 credit card details (including CVV2 codes and magstripe data) is worth about the same as 40 standard identities (ie name, address, …


This topic is closed for new posts.
  1. Harry Stottle


    I make the point in my blog on this issue that - up till the day before disclosure - the black market price for the bank details alone were £400 per set - so the government flooded the market with £10 BILLION pounds worth... It may be that the only evidence we ever see that the data has escaped is a major reduction in that black market price...

  2. lucmars


    Not sure that the login password of a porn site account is the same as for the other accounts. I bet that for many people who like porn site, this activity is a bigger secret than the credentials of their bank account.

  3. Anonymous Coward
    Anonymous Coward

    ... and this is the calm before the data sh!tstorm

    When the NHS role out their database which contains, medical records that contain biometric data, address details, national insurance numbers, ex directory telephone numbers, mobile numbers, easy cross referencing to mother's maiden name, I think the UK will soon know what identity theft is all about.

    The NHS database is going to be the El Dorado for identity thieves across the world.

    This database will be available to doctors surgeries and all hospitals, so I think we can bet the net is going to be used.

    Access will be to a million or so civil servants, nurses and doctors, I am sure nothing bad will happen, not.

  4. Anonymous Coward
    Black Helicopters

    NHS ID database

    In reply to AC, shhh!

    You know this *already exists* - but security is, of course, absolute and excellent!

    If you want to be even more secure, you could label yourself as "vulnerable" (which means that only name, date of birth and NHS number are displayed) by getting your GP to fill out and fax through the appropriate forms. (It might be better to check it out on the CfH PDS - Personal Demographics Service - website first - the GP may not have been told about this.) After all, there are, as AC so rightly points out, a *lot* of people with access.. [1]

    Unfortunately, being "sensitive" on PDS will stop you using any of the spine applications - the most important of which is C&B - so in future, as more and more Trusts only accept C&B referrals, you may have to chose between the risk of identity theft or receiving medical treatment.

    [1] the official line has always been that the NHS is one big family, and therefore there is nothing to worry about.

    My own feeling is that even the best families may contain a few rotten apples.

    Cain and Abel were brothers.

This topic is closed for new posts.